[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Nov 18 20:41:13 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
27295460 by Salvatore Bonaccorso at 2020-11-18T21:40:46+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4626,7 +4626,7 @@ CVE-2020-25692 [vulnerability with slapd normalization handling with modrdn]
 CVE-2020-28006
 	RESERVED
 CVE-2020-28005 (httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) al ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2020-28004
 	RESERVED
 CVE-2020-28003
@@ -7083,7 +7083,7 @@ CVE-2020-27128 (A vulnerability in the application data endpoints of Cisco SD-WA
 CVE-2020-27127
 	RESERVED
 CVE-2020-27126 (A vulnerability in an API of Cisco Webex Meetings could allow an unaut ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-27125 (A vulnerability in Cisco Security Manager could allow an unauthenticat ...)
 	NOT-FOR-US: Cisco
 CVE-2020-27124
@@ -7668,7 +7668,7 @@ CVE-2020-26886
 CVE-2020-26885
 	RESERVED
 CVE-2020-26884 (RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL injection vulner ...)
-	TODO: check
+	NOT-FOR-US: RSA Archer
 CVE-2020-26883 (In Play Framework 2.6.0 through 2.8.2, stack consumption can occur bec ...)
 	NOT-FOR-US: Play Framework
 CVE-2020-26882 (In Play Framework 2.6.0 through 2.8.2, data amplification can occur wh ...)
@@ -8388,7 +8388,7 @@ CVE-2020-26556
 CVE-2020-26555
 	RESERVED
 CVE-2020-26554 (REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an incoming HTML  ...)
-	TODO: check
+	NOT-FOR-US: REDDOXX MailDepot
 CVE-2020-26553 (An issue was discovered in Aviatrix Controller before R6.0.2483. Sever ...)
 	NOT-FOR-US: Aviatrix
 CVE-2020-26552 (An issue was discovered in Aviatrix Controller before R6.0.2483. Multi ...)
@@ -9415,25 +9415,25 @@ CVE-2020-26083 (A vulnerability in the web-based management interface of Cisco I
 CVE-2020-26082
 	RESERVED
 CVE-2020-26081 (Multiple vulnerabilities in the web UI of Cisco IoT Field Network Dire ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-26080 (A vulnerability in the user management functionality of Cisco IoT Fiel ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-26079 (A vulnerability in the web UI of Cisco IoT Field Network Director (FND ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-26078 (A vulnerability in the file system of Cisco IoT Field Network Director ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-26077 (A vulnerability in the access control functionality of Cisco IoT Field ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-26076 (A vulnerability in Cisco IoT Field Network Director (FND) could allow  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-26075 (A vulnerability in the REST API of Cisco IoT Field Network Director (F ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-26074
 	RESERVED
 CVE-2020-26073
 	RESERVED
 CVE-2020-26072 (A vulnerability in the SOAP API of Cisco IoT Field Network Director (F ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-26071
 	RESERVED
 CVE-2020-26070 (A vulnerability in the ingress packet processing function of Cisco IOS ...)
@@ -9441,7 +9441,7 @@ CVE-2020-26070 (A vulnerability in the ingress packet processing function of Cis
 CVE-2020-26069
 	RESERVED
 CVE-2020-26068 (A vulnerability in the xAPI service of Cisco Telepresence CE Software  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-26067
 	RESERVED
 CVE-2020-26066
@@ -11038,7 +11038,7 @@ CVE-2020-25408
 CVE-2020-25407
 	RESERVED
 CVE-2020-25406 (app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows users to  ...)
-	TODO: check
+	NOT-FOR-US: lemocms
 CVE-2020-25405
 	RESERVED
 CVE-2020-25404
@@ -12550,7 +12550,7 @@ CVE-2020-24725
 CVE-2020-24724
 	RESERVED
 CVE-2020-24723 (Cross Site Scripting (XSS) vulnerability in the Registration page of t ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2020-24722 (** DISPUTED ** An issue was discovered in the GAEN (aka Google/Apple E ...)
 	NOT-FOR-US: GAEN (Google Apple Encounter Notification) protocol
 CVE-2020-24721 (An issue was discovered in the GAEN (aka Google/Apple Exposure Notific ...)
@@ -13512,7 +13512,7 @@ CVE-2020-24299
 CVE-2020-24298
 	RESERVED
 CVE-2020-24297 (httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remo ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2020-24296
 	RESERVED
 CVE-2020-24295
@@ -53837,11 +53837,11 @@ CVE-2020-7566
 CVE-2020-7565
 	RESERVED
 CVE-2020-7564 (A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2020-7563 (A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server  ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2020-7562 (A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server o ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2020-7561
 	RESERVED
 CVE-2020-7560
@@ -64635,7 +64635,7 @@ CVE-2020-3588 (A vulnerability in virtualization channel messaging in Cisco Webe
 CVE-2020-3587 (A vulnerability in the web-based management interface of the Cisco SD- ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3586 (A vulnerability in the web-based management interface of Cisco DNA Spa ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3585 (A vulnerability in the TLS handler of Cisco Adaptive Security Applianc ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3584
@@ -64745,7 +64745,7 @@ CVE-2020-3533 (A vulnerability in the Simple Network Management Protocol (SNMP)
 CVE-2020-3532
 	RESERVED
 CVE-2020-3531 (A vulnerability in the REST API of Cisco IoT Field Network Director (F ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3530 (A vulnerability in task group assignment for a specific CLI command in ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3529 (A vulnerability in the SSL VPN negotiation process for Cisco Adaptive  ...)
@@ -64843,7 +64843,7 @@ CVE-2020-3484 (A vulnerability in the web-based management interface of Cisco Vi
 CVE-2020-3483 (Duo has identified and fixed an issue with the Duo Network Gateway (DN ...)
 	NOT-FOR-US: Duo
 CVE-2020-3482 (A vulnerability in the Traversal Using Relays around NAT (TURN) server ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3481 (A vulnerability in the EGG archive parsing module in Clam AntiVirus (C ...)
 	{DLA-2314-1}
 	- clamav 0.102.4+dfsg-1
@@ -64868,9 +64868,9 @@ CVE-2020-3473 (A vulnerability in task group assignment for a specific CLI comma
 CVE-2020-3472 (A vulnerability in the contacts feature of Cisco Webex Meetings could  ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3471 (A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Serve ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3470 (Multiple vulnerabilities in the API subsystem of Cisco Integrated Mana ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3469
 	RESERVED
 CVE-2020-3468 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
@@ -64928,7 +64928,7 @@ CVE-2020-3443 (A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-P
 CVE-2020-3442 (The DuoConnect client enables users to establish SSH connections to ho ...)
 	NOT-FOR-US: DuoConnect
 CVE-2020-3441 (A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Serve ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3440 (A vulnerability in Cisco Webex Meetings Desktop App for Windows could  ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3439 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
@@ -64972,7 +64972,7 @@ CVE-2020-3421 (Multiple vulnerabilities in the Zone-Based Firewall feature of Ci
 CVE-2020-3420
 	RESERVED
 CVE-2020-3419 (A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Serve ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3418 (A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3417 (A vulnerability in Cisco IOS XE Software could allow an authenticated, ...)
@@ -65026,7 +65026,7 @@ CVE-2020-3394 (A vulnerability in the Enable Secret feature of Cisco Nexus 3000
 CVE-2020-3393 (A vulnerability in the application-hosting subsystem of Cisco IOS XE S ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3392 (A vulnerability in the API of Cisco IoT Field Network Director (FND) c ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3391 (A vulnerability in Cisco Digital Network Architecture (DNA) Center cou ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3390 (A vulnerability in Simple Network Management Protocol (SNMP) trap gene ...)
@@ -65076,7 +65076,7 @@ CVE-2020-3369 (A vulnerability in the deep packet inspection (DPI) engine of Cis
 CVE-2020-3368 (A vulnerability in the antispam protection mechanisms of Cisco AsyncOS ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3367 (A vulnerability in the log subscription subsystem of Cisco AsyncOS for ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3366
 	RESERVED
 CVE-2020-3365 (A vulnerability in the directory permissions of Cisco Enterprise NFV I ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27295460f5a16add86d634c3a8db09e6a9aeb38b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27295460f5a16add86d634c3a8db09e6a9aeb38b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201118/59b01243/attachment.html>

More information about the debian-security-tracker-commits mailing list